WeBid Bug Tracking

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000380WeBidAuctionspublic2012-05-24 12:422012-12-12 03:57
Reportersitemasters 
Assigned To 
Priority@0@SeverityminorReproducibilityhave not tried
StatusresolvedResolutionfixed 
PlatformOSOS Version
Product Version1.0.3 
Target VersionFixed in Version1.1.0 
Summary0000380: Shorthand for inch not working correctly in auction title and subtitle
DescriptionBasically if anyone uses the quote mark as a shorthand to the word inch such as 9" nails in the auction title and subtitle boxes, if they click back to edit the listing then all their typing after the " disappears.



The same issue exists in the admin section when adding categories such as 12" rulers for example.



Anyone have a solution other than removing the quotes from value="{AUC_TITLE}" and value="{AUC_SUBTITLE}"
TagsNo tags attached.
import_id382
Thread
Attached Files

- Relationships

-  Notes
(0000945)
nay27uk (reporter)
2012-05-24 12:46
edited on: 2012-05-24 13:10

Why did you not use the term 12" ruller for the title of this post?
 
this is a family orientated forum and must be kept clean
 
8" rubber dildo is not somthing children or most adults want to be seeing as a title for a post, it shocked me when I seen it and I am an adult with a very open mind + it looks like it could have been SPAM.
 
PLEASE KEEP IT CLEAN AND USE CORRECT TITLES
 
A better title would have been "Shorthand for the word inch not working"
 
May I remind you of the http://www.webidsupport.com/forums/announcement.php?f=10" [^" title="]forum rules">]forum rules
 
Someone wrote

3.Members should remember this board is aimed at a general audience. Posting pornographic or generally offensive text, images, links, etc. will not be tolerated and will lead to a warning.
(0000946)
sitemasters (reporter)
2012-05-24 13:11
edited on: 1970-01-01 00:00

You're right, I could have done that, but that wouldn't have been quite so funny. You are lucky I didn't use the word black in there as well, I decided against that as some people might have found that offensive.
(0000947)
sitemasters (reporter)
2012-05-24 17:19
edited on: 1970-01-01 00:00

Fair enough I've changed it, "spoilsport". I still think most people would have found the original title funny. But agreed it did look spammy.
(0000948)
nay27uk (reporter)
2012-05-24 19:08
edited on: 1970-01-01 00:00

No problem mate dont bother me but it would some people, and if ren came on it could result in a ban,dont want that to happen to ya
(0000949)
Pleb (reporter)
2012-05-25 05:18
edited on: 2012-05-25 05:40

bug section is for stuff we cant find out fix, after it has been discussed in the forum
we then report here to renlok who is the main coder ;)

the problem with some characters i believe already has been discussed and made some solution to it,think it was fixed in title.
(0000950)
sitemasters (reporter)
2012-05-25 13:19
edited on: 2012-05-25 20:41

I did search the forum, but will do so again. The issue I have raised does not concern special characters as far as I am aware though. As I hinted in the original post it is because the VALUE= in the input boxes encapsulates using the double quotes. We could replace them with single quotes however the next time someone posts an auction using an apostrophe in the title we will get the same problem. Whether we use single quotes or double quotes to encapsulates the {AUC_TITLE} value the script can't tell the difference, which is why I suggested removing the quotes from VALUE= altogether but this is not an ideal solution. I think we need to encode the values of {AUC_TITLE} and {AUC_SUBTITLE} in PHP.
(0000951)
nay27uk (reporter)
2012-05-25 20:35
edited on: 2012-05-25 20:38

This maybe a problem with erm I think its called clean html or somthing I cant remember now but ther is a setting somwhere in its config to allow special chars.
 
I realy cant remember what its called but there are some posts on here about it and replacing it with another one, I am sure its called somthing like clean html.
 
EDIT::: just remembered its called html purifier
(0000952)
sitemasters (reporter)
2012-05-25 20:56
edited on: 1970-01-01 00:00

Where is this html purifier you speak of?
(0000953)
nay27uk (reporter)
2012-05-26 08:31
edited on: 1970-01-01 00:00

Its in the includes folder
(0000954)
sitemasters (reporter)
2012-05-26 10:25
edited on: 1970-01-01 00:00

It is not in my includes folder, I could have sworn I was using 1.0.3 but perhaps I downloaded a different version. I've download it again and can now find it, but searching this forum for purifier indicates that this is for the auction description and not auction title and subtitles.
(0000955)
nay27uk (reporter)
2012-05-27 11:34
edited on: 1970-01-01 00:00

oh maybe it is cant remember was just a thought as you mentioned they are being replaced or striped
(0000956)
sitemasters (reporter)
2012-05-31 08:56
edited on: 1970-01-01 00:00

OK so I have now upgraded to 1.0.3 since the earlier version I had was hacked the other day. The first thing I checked was this issue I posted and can see that although an attempt was made to fix this, it still does not work.

So, lets say you type 9" nails in the title and subtitle and without selecting a payment option you click the continue button. You will be prompted to select a payment option and now instead of everything past the single quote " disappearing, it now disappears and is replaced with a slash \ the same issue applies when you go back to edit the auction as I previously mentioned.
(0000957)
Box Lot (reporter)
2012-05-31 18:07
edited on: 2012-05-31 18:11

I see people weighing on this but no "votes" about able to replicate or not. This HAS to be done with postings in the Project thread.

Issue occurs on edit.

I can confirm and I don't believe further discussion is necessary unless there is a solution posted. Guessing fix is in functions_global.php.
(0000958)
drakky20 (viewer)
2012-06-04 08:04
edited on: 2012-06-04 08:10

yes i can replicate the issue sorry i misread your post before , when you're actually making the listing if you make a mistake it deletes everything after the "
(0000959)
drakky20 (viewer)
2012-06-04 08:22
edited on: 1970-01-01 00:00

it seems it doesn't happen once you succesfully make the list though you can go and edit the listing and no probs at all however i did find in the admin panel you can for example edit it and leave out payment details and the system accepts that which shouldn't happen , then if you go back to the listing as a user then everything after the " dissapears if you forget to add a payment choice
(0001008)
renlok (administrator)
2012-12-11 16:26
edited on: 2012-12-11 16:35

TL;DR

but anyway this should fix it in sell.php

replace
[php]'AUC_TITLE' => $title,
                'AUC_SUBTITLE' => $subtitle,[/php]
with
[php]'AUC_TITLE' => htmlentities($title, ENT_COMPAT),
                'AUC_SUBTITLE' => htmlentities($subtitle, ENT_COMPAT),[/php]
(0001010)
Pleb (reporter)
2012-12-11 23:14
edited on: 2012-12-11 23:21

Nice renlok, just one problem it corrupts my Danish characters.

Before solution:
Title Månen er smuk i nat
Subtitle udvalgte fortællinger

After:
Title MÃ¥nen er smuk i nat
Subtitle udvalgte fortællinger
(0001011)
renlok (administrator)
2012-12-11 23:24
edited on: 2012-12-11 23:26

damn and I was so close OK ill try again tomorrow

edit: actually try
[PHP]'AUC_TITLE' => htmlentities($title, ENT_COMPAT, $CHARSET),
                'AUC_SUBTITLE' => htmlentities($subtitle, ENT_COMPAT, $CHARSET), [/PHP]
does that fix your problem?
(0001012)
Pleb (reporter)
2012-12-12 03:57
edited on: 1970-01-01 00:00

Happy to say now it works
also tried the 12"
Cool renlok ;)

- Issue History
Date Modified Username Field Change
2015-04-01 13:17 renlok New Issue
2015-04-01 13:17 renlok import_id => 382
2015-04-01 13:17 renlok Date Submitted 2015-04-01 13:17 => 2012-05-24 12:42
2015-04-01 13:17 renlok Last Update 2015-04-01 13:17 => 2012-12-12 03:57


Copyright © 2000 - 2017 MantisBT Team
Powered by Mantis Bugtracker